Auditing and Assurance - Whistle Blower Hotline - Coursework Example

Auditing and Assurance Whistle Blower Hotline Grant Thornton (2009) explained that the skeleton of whistle blowing came into place with the introduction of the Sarbanes-Oxley Act (SOX) in 2002. He calls this the skeleton, mainly because it did provide a basis and the need that a corporate organization should have a well-established process but had little to show for the same. The act which in the United States formed the first legal procedure on the whistle blowing process was later to be used as the standard measure by other countries on matters pertaining to the Whistleblower programs. In the act, it is required that there is an audit committee that is mandated with the responsibility on how to receive, retain and treat complaints from an issuer regarding the accounting internal controls and auditing matters. It also calls for confidential, anonymous submissions by the employees regarding the said matters (Section 301). On his part, Donald Dowling (2011), notes that whistle blowing is part of the corporate social responsibility to ensure that that the organization has in place a well whistle blowing mechanism. He notes that the establishment and launching of the whistle blowing procedure, report channel or rather the “hotline” has been a trend that many coporates have adopted latterly. The adoption of this as a best practice has thus led many organization to take up more of the same procedures to keep with the speed of the said adoption. Donald notes that while informal groups have different names for the whistle blowers, the corporate world have already been able to assimilate the need to have this process well documented and properly laid out in their structures. This he notes that however, it has not been possible given the fact that most of the times, the end results of this process are mainly not known and where known, the process is still in the early stages of development. While the process largely remains uncontroversial ‘best practice’ how it is achieved is what remains ‘tension able’ especially where there are multinationals involved and the escalations are done the head offices. While developing any whistle blowing strategy, there is always need to ensure that there are several key aspects that are not left out. Some of which if left then the whole process may not only be compromised but still may go against the law that governs the various aspects of the whistle blowing requirements. Donald (2010) thus noted that the first aspect each organization has to deal is the legality of the whole process. He notes that one may even launch a complaint regarding the way an organizational hotline is legally structures. This is especially more risky with the multinational corporations which operates from different legal backgrounds. Dodd-Frank noted that while whistle blowing has been taken up by many organizations with an intention to help streamline the internal functioning of the firms, the same must conform to the requirement that they should also serve the public interest. This means that is should be able to provide the government with the required information regarding the white collar criminals. While whistleblowing is important for the corporate governance of the organization, the government is also interested with the running of the firm. This therefore means that the whistle blowing activities also serve to tell the government how the coporates are running their affairs. It thus follows that while the whistle blowing activities are brought to the knowledge of the top leadership within the organization, the government also needs to be made aware of whatever is happening to ensure that where need be white collar criminals that required to be investigated by the state are done so in a well laid out manner. There is therefore a great amount interest from the government in a bit to salvage before it is lost. For example the US government has even established a reward system for the whistle blowers to government where the whistle blower gets 10% of the recovered net amount. These were amount the most of the times the government would end up losing but since there are procedure well established on whistle blowing, the net sanctioned amount is used partly to rewards patriotic citizens for the same especially in the securities market (Adopting Release, Implementation of Whistleblower Provisions of Section 21F of the Securities Exchange Act of 1934, 2011). There is also need to ensure that specific whistle blowing hotlines are localized for the the specific organization, this was indeed enshrined in the most basic law that lays out the structure for whistle blowing. This is where it leaves the audit committee as the head of the whistle blowing strategy development. This recognizes that there is no one specific process through which organizations are able to function using one broad and outlined whistle blowing process. It is therefore up to the audit committees to determine what best suits them and thus in raltion to to come up with the best way of carrying out the same. In fact this becomes an issue also with multinationals which require that an almost similar process is followed to ensure uniformity while at the same time recognizing that the same cannot be duplicated all over the various parts of the world owing to the different nationality dynamics. Owing to the negative factors that are associated with the whistle blowing activities there is a need to ensure that there is proper identification of the whistleblowers. This means that the whistleblowers need to be assured that they will not be identified by interested parties in the whistle blowing activists while at the same time ensuring that there can be easily followed up on the same. This is mainly attributed to the different factors associated with anonymous whistle blowing activities. There are countries which have gone to the extent of totally banning of anonymous denunciations such as Spain and Portugal. This is mainly due to the fact that such information is at most times misleading and at times just meant to witch hunt other individuals. European countries to a large extent discourage the whole idea of accepting anonymous denunciations (Dowling, 20009). With all that said, an effective whistle blowing program needs to ensure that there is a privacy of the said whistle blower. The person who will doing the whistle blowing needs to be assured of his security that whatever information is disclosed to the system cannot be used to disadvantage the said individual. Since they will be providing the system with a lot of data that the individuals have no idea of, the system needs to assure the person providing such information, that there is no possibility of it landing into the wrong hands and where this may be the case, there should be proper mechanisms to protect the said individual from victimization. Grant Thornton (2009), noted that the other most effective factor of the whistle blowing activity is time. The lag between when an issue is noted, raised and acted upon can be a major determinant of how much the same will impact on the business. For example, major scandals like the Enron scandals had they been identified within their initial stages, a lot of the business would have been saved leave alone the reputational damage of the over sighting authorities. Timely arrest of such issues could also prevent the vice from taking place. This thus follows that it is up to the developers of the whistle blowing channels to ensure that information is received on a timely manner and that the same is actioned for as soon as possible. Grant Thornton advocates for a process described as the Model Accounting Complaint-Handling Process, or “MACH Process”. Here he explains that out of any whistle blowing system there are three affected parties namely; users, accused parties and other interested parties. The system thus needs to integrate the need of all these individuals into it. The users are the expected whistle blowers who are mainly the employees, management, directors, customers, vendors, suppliers and the investors whom could also be the accused. Other interested parties within the system include General legal counsel, Internal audit, Risk management, Information technology, Human resources, Public and investor relations who are within the organization while the Outside legal counsel, Bankers, Insurance companies, Government/regulators, Rating agencies, Shareholders, External auditors, Creditors and the Debtors. These are the main and potential stakeholder of the whistle blowing system and like any other system in development, they always come in first. The stakeholder will want to be assured of their confidentiality for both the users and the accused. This brings in the fact that where complaints are brought forwards against a certain employee or director, that remains just but a complaint that requires investigation and in the meantime the accused remains innocent until proven otherwise. The users need to be assured of the ease of use of the system. There need to be a proper communication procedure need to be laid out to sensitive the potential users on how to log complaints into the system. This note of the fact that where the users are not sure of how the system works, there is a higher chance that they will not ask but rather will keep ways from the system. The system also has the duty to inform where reasonableness of the steps taken to process the said complaint. It also requires that where reasonable, the persons in the investigation that they are informed of the subject of their investigation as per the privacy requirement. This needs to be done in using clear, correct and relevant information. It is expected that in any matter that is brought for investigation that the users first provide the system with as much relevant information as possible. The system should be established in a way that the whistleblower will be encouraged to provide as much relevant information as possible. This therefore calls for the potential usersto be taught on when and how to use the hotline to ensure that they not only report only what is relevant but also to know what is relevant with each specific case. Awareness creation is thus very important as far as the whistle blowing activity is concerned. Proper use of modern technology is also one of the upcoming trends in whistle blowing. Currently a lot of whistle blowing is done over the internet where advanced technology allows for secure, scalable and future proofed use of modern technology, this means that where need the anonymity of the whistleblower can be maintained while at the same time one is able to verify the data later on if need be by simply assigning the correct rights to the various levels of individuals within the system. This thus calls for use of compliant, secure, robust and scalable technology infrastructure. The system also is required to be as user friendly as possible and universally accessible. This means, therefore that there is a need to ensure that the system can be accessed by all the required users. To ensure this, an organization would look into the possibility of ensuring that there are different channels to be used to address when and how the potential users need to use the system. It thus would call for the system to meet all the preferences of the target users’ needs such as phone, mobile, web, The implementation of a confident whistle blowing hotline has thus been said to be critical for all the different types and sizes of organization in ensuring effective principles of governance. The Association of Certified Fraud Examiners (ACFE) has in fact established through research that where there are proper mechanisms of the same, there are less likely incidents of fraud as compared to institutions that have none. A successful reporting system is able to yield a lot of other important benefits such employees and other stakeholders’’ enhanced satisfaction and reduced legal, financial and reputational risk. (Beyond Compliance: Implementing Effective Whistleblower Hotline Reporting Systems 2007) Effectiveness of Regulatory Reforms The recent high-profile corporate accounting irregularities have jolted various authorities into taking appropriate action to avoid future similar incidents. This has mainly been achieved through the introduction new standards of accounting like the Sarbanes-Oxley Act (SOX) as part of the newly implemented International Accounting Standards. These new regulations will lead to a higher need for comparability of different reporting and accounting principles. The European Union regulations require any companies that are listed in the stock market to make use of the International Accounting Standards for financial years beginning January 2005. This new regulatory framework is widely responsible for the two main areas to do with investor protection:  The responsibilities of both the CFO and CEO together with the accountability of financial disclosures and controls It has also increased the engagement and professionalism of the key corporate audit committees. Even with all these credits owed to it , there is still some criticism leveled against it due to its inability to prevent events like the 2008 financial crisis. This is one of the most controversial sections of the Sarbanes-Oxley Act .This section requires corporate management to provide assurances that there is effective in house control over their financial reporting. These assurances will also have to be backed by the corporation’s external auditing firm.This new regulation also requires public companies to make public whether their senior financial officers have adopted a code of ethics 2. It is however much more demanding and detailed if the said company is a listed in the New York Stock Exchange. Such a company is required to publish on its website the business code of conduct and ethics that is applicable to their employees and directors and also the waivers applicable if any , to its executive officers and directors. This code of ethics is guided by the NYSE which has a specific list of topics that have to be covered by the company’s code of ethics. This strong requirement to have publicly known ethics has led to adoption of strong ethics by various kinds of organizations. This strong ethical culture has made it much easier for companies to attract highly qualified and ethical employees thus reducing the previously high employee turnover and high costs of retraining new employees. This inevitably leads to increased profitability and optimal productivity on the part of the company’s staff. Companies with such kind of a reputation inevitably attract increasing numbers of consumers that want to be identified with them. Audit Firm Performance   While looking at the effectiveness of such a regulation in the accounting and financial reporting sector, we have to look at its effect on the overall performance of independent auditors over the past decade ever since it was implemented. This is an important benchmark in evaluating this new regulation since its first subchapter outlines the need for existence of a body that supervises the audit of the various companies that fall under the securities laws and related matters so as to protect investor interests and the interests of the public in preparation of accurate, independent and informative audit reports. It is important to know whether this revision in the structure of oversight has effectively regulated public company auditors.   For long periods of time since auditing as a profession was established, it has always been a self-regulating profession. The auditing industry had complete independence and autonomy prior to SOX in making significant decisions such as: Setting the required bar required for one to enter into practice. Coming up and agreeing on the code of practice and ethics under which its members should operate. The determining of the level of performance of the various members through the use of these standards. Investigating individual members to determine whether they have gone against any of the industry’s ethical standards. It also had the authority to discipline its members appropriately. When this new regulatory act was adopted, public accounting was split into audits of publicly held entities and all other entities.SOX brought about the establishment of Public Company Accounting Oversight Board (PCAOB) that is an independent body. This Board had the mandate to come up with new standards that would apply on a new category of firms that had the responsibility of auditing publicly held companies. This board was also tasked with enforcing these rules. The only method of evaluating the performance of audit firms has been through the annual speech given by the chairman of the PCAOB. The downside of these reports is that they tend to only express general views as opposed to comprehensive statistics. In the year 2011, the PCAOB chairman stated that after reviewing almost 2,800 audits conducted by the largest audit firms, hundreds of them were found to be audit failures. The term audit failure refers to an extremely serious deviation from normal practice. In a report released in 2012, there was an extremely high level of deficiencies detected. It was revealed that many audit regulators around the globe had discovered that there was a gap between the fulfillment of audit and the purpose of audit due to the fact that auditors tend to sell their services to the client companies and this tends to undermine the state of mind of the auditors. The development of these generalizations does not help in building confidence in the clients of these professional auditing opinions.   The main requirement in SOX that states that all findings resulting from the Board inspections be treated confidentially tend to hinder independent opinion and analysis of maybe the main measure of the quality of the audit. The reports that are released to the public detailing the performance of certain auditing firms do not contain specific crucial details about performance of the individual firms. This is of legal advantage to the firms since it protects them from litigation. This board has the authority to reveal parts of the confidential information in case it discovers that improvement efforts made by a certain company are not satisfactory in relation to the criticism levied against them. Ernst & Young and the United States chamber of commerce are some of the organizations that tend to provide unrelated non audit services. E & Y released a report about macroeconomic estimates of potential future estimates in the American economy which was sponsored by several other industry organization: The National Federation of Independent Business, the USCC, the Independent Community Bankers of America and the National Federation of Independent Business 4. These lopsided reports were meant to show the public the possible negative effects that the US economy will suffer if the taxation rates paid by certain businesses were to rise. These results were published extensively by certain political lobby groups and the sponsoring organizations. Interestingly enough, these events or development were not published by the United States Chamber of Commerce. How to best to reduce financial irregularities. It is a known fact that white collar crime in the financial sector has greatly increased over the past decade. Many of these crimes often go unreported since most businesses consider the cost it will have on their public image. .This is not being helped by the fact that computers are increasingly being adopted in the day to day businesses .Computers tend to be very vulnerable and this exposes the business entities into even more opportunities and chances of fraud and financial abuse. A dedicated effort has to be maintained by the company’s management, auditors both external and internal ,and all employees in order to keep white collar crime at a bare minimum. It must be noted that contrary to popular belief, fraud is not a crime without victims. The cost of this crime is shared by every stakeholder even though the corporations or the business tends to shoulder the most of the weight through the loss of profits. Everyone can help deal with fraud through improved internal controls, much more stricter requirements of the of the auditors, and better working environment for the company’s employees In order to ensure reduced levels or absence of fraud in many local businesses and community organization, the government should ensure better education is provided as well as improved legislation to impose harsher sentences to individuals that deviate towards fraud in community and public organizations. Bibliography David C. Dowling, Jr., Sarbanes-Oxley Whistleblower Hotlines across Europe: Directionsthrough the Maze, The International Lawyer, Spring, 2008. Grant Thornton (2009) Establishing an effective whistleblower complaint-handling process :Addressing the concerns of the Corporate Governance Community 2009 Corporate Governor Series: Section 301 Public Company Audit Committees of Title III of the Sarbanes-Oxley Act of 2002. Donald C. Dowling, Jr. (November 2011) Global Whistleblower Hotline Toolkit: How to Launch and Operate a Legally-Compliant International Workplace Report Channel White & Case Donald C. Dowling, Jr., (2010) Code of Conduct Toolkit: Drafting and Launching a Multinational Employer’s Global code of conduct Andrew p. Morriss and Samuel Esriecher Global Labor and Employment Law for the Practicing Lawyer (2010) (Wolters Kluwer). Dodd-Frank Wall Street Reform and Consumer Protection Act (whistleblower bounty provision), Pub.L.No. 111-203, § 922(a), 124 Stat. Exchange Act of 1934, Rel.No. 34-64545 (May 25, 2011 Dodd-Frank Wall Street Reform and Consumer Protection Act (whistleblower bounty provision), Pub.L.No. 111-203, § 922(a), 124 Stat. 1841 (2010) Whitepaper Beyond Compliance: Implementing Effective Whistleblower Hotline Reporting Systems 2007 EthicsPoint, Inc. De Vay, Debra L. The Effectiveness of the Sarbanes-Oxley Act of 2002 in Preventing and Detecting Fraud in Financial Statements: A Dissertation. Boca Raton, Fla: Dissertation.com, 2006. Moeller, Robert R. Sarbanes-Oxley and the New Internal Auditing Rules. Hoboken, N.J.: J. Wiley & Sons, 2004. . Holt, Michael F. The Sarbanes-Oxley Act Costs, Benefits and Business Impact. Amsterdam: CIMA, 2008. . Anand, Sanjay, and Jayne Wilkinson. The Sarbanes-Oxley Act: An Introduction. [Zaltbommel]: Van Haren Publishing, 2008. Read More